Closed ajefts closed 7 years ago
This is the ideal flow we want to get to.
fyi @dmessing
@ajefts Done with #122 #123 and #129. Testing changes on dev env. And if they work, would go for production deployment.
Tested working fine in dev. Let me know when to deploy to prod.
Now coming back to the original requirement posted in the issue:
If we want to automatically create topcoder account for the sso users, I think most critical part is the logic/algo for generating the unique handle. If we can come up with that, it should be doable in couple of days.
And about the incremental approach, we need to enable auto login after successful registration of an sso user so that an sso user who is trying to login, don't see the message Thanks for joining Topcoder.
and don't have login again.
@vikasrohit Let's hold off on the changes to accounts app for auto generating. Let's chat in the morning...
Update on specific implementation requirements:
Create new "login page" for this SSO scheme. The single login page will handle both login and registration. The accounts app already has js that we should be able to reuse. So it's more like creating new pages (1. new connector and 2. new SSO specific login)
Should be simple that it does 2 things: A) call auth0 and let users login with SSO provider B) when returned from auth0, validate if that user exists in our system. If then do then just log them in and return them to the original page they visitied. If the user doesn't existing in TC yet, present an sso-registration page pre-filled with data from the sso provider, the user completes the form to join TC, and then log them in and return them to the original page they requested.
Note: This is intended to be a separate "module" from the existing password/social flow. The separate module will only handle sso registration and login. Once this is done, we should remove the conditional flows that are currently there for sso login/reg.
@vikasrohit I'm running into an issue with sso registration in accounts-test.
Here is a summary: https://docs.google.com/document/d/1MPeGjAPV8xYeTmzjg2zwXKnU9MDfSs_jzHUKTkH1pD4/edit
Can you work on this asap?
Thanks, Tony
fyi @deepakanbarasan1
Done.
Closing to clean up.
We need to streamline the SSO login and registration flows. Here is how we should handle it:
SSO login and registration should be a single form. Currently it is 2 separate forms. So, we should just have a "Login with SSO" form.
If a user attempts to login with sso and they don't have an account, we should automatically create a topcoder account for them. This will mimic the registration form in terms of creating the user, but the user should not have to enter any info.
NOTE: If the full automation is more than a couple days of work, then let's come up with an incremental solution. For example, we could still reduce it to a single sso login form but instead of fully creating the user record we could still return the user to our registration form (without the social login options) with as much info populated as possible. And then the user would still have to submit the form.